Cisco IOS For Communication Manager Express SCCP拒绝服务漏洞

漏洞起因
设计错误
危险等级

 
影响系统
Cisco IOS 12.4YB
Cisco IOS 12.4YA
Cisco IOS 12.4XY
Cisco IOS 12.4XW
Cisco IOS 12.4XV
Cisco IOS 12.4XT
Cisco IOS 12.4XP
Cisco IOS 12.4XM
Cisco IOS 12.4XL
Cisco IOS 12.4XK
Cisco IOS 12.4XJ
Cisco IOS 12.4XG
Cisco IOS 12.4XE
Cisco IOS 12.4XD
Cisco IOS 12.4XC
Cisco IOS 12.4XB
Cisco IOS 12.4XA
Cisco IOS 12.4T
Cisco IOS 12.4MR
Cisco IOS 12.4
Cisco IOS 12.3ZA
Cisco IOS 12.3YZ
Cisco IOS 12.3YX
Cisco IOS 12.3YU
Cisco IOS 12.3YT
Cisco IOS 12.3YS
Cisco IOS 12.3YQ
Cisco IOS 12.3YM
Cisco IOS 12.3YK
Cisco IOS 12.3YG
Cisco IOS 12.3YF
Cisco IOS 12.3XZ
Cisco IOS 12.3XY
Cisco IOS 12.3XX
Cisco IOS 12.3XU
Cisco IOS 12.3XR
Cisco IOS 12.3XQ
Cisco IOS 12.3XL
Cisco IOS 12.3XJ
Cisco IOS 12.3XI
Cisco IOS 12.3XG
Cisco IOS 12.3XF
Cisco IOS 12.3XE
Cisco IOS 12.3XD
Cisco IOS 12.3XC
Cisco IOS 12.3XB
Cisco IOS 12.3XA
Cisco IOS 12.3TPC
Cisco IOS 12.3T
Cisco IOS 12.3JK
Cisco IOS 12.3B
Cisco IOS 12.3
Cisco IOS 12.2ZP
Cisco IOS 12.2ZL
Cisco IOS 12.2ZJ
Cisco IOS 12.2ZH
Cisco IOS 12.2ZF
Cisco IOS 12.2ZE
Cisco IOS 12.2ZD
Cisco IOS 12.2ZC
Cisco IOS 12.2ZB
Cisco IOS 12.2YY
Cisco IOS 12.2YW
Cisco IOS 12.2YV
Cisco IOS 12.2YU
Cisco IOS 12.2YT
Cisco IOS 12.2YN
Cisco IOS 12.2YM
Cisco IOS 12.2YL
Cisco IOS 12.2YJ
Cisco IOS 12.2YH
Cisco IOS 12.2YD
Cisco IOS 12.2YC
Cisco IOS 12.2YB
Cisco IOS 12.2YA
Cisco IOS 12.2XW
Cisco IOS 12.2XU
Cisco IOS 12.2XT
Cisco IOS 12.2XNF
Cisco IOS 12.2XNE
Cisco IOS 12.2XND
Cisco IOS 12.2XNC
Cisco IOS 12.2XNB
Cisco IOS 12.2XNA
Cisco IOS 12.2XM
Cisco IOS 12.2XG
Cisco IOS 12.2XB
Cisco IOS 12.2TPC
Cisco IOS 12.2T
Cisco IOS 12.2MC
Cisco IOS 12.2BY
Cisco IOS 12.2BX
Cisco IOS 12.2B
Cisco IOS 12.2(13)ZH6
Cisco IOS 12.1YI
Cisco IOS 12.1YF
Cisco IOS 12.1YD
 
不受影响系统
Cisco IOS 15.0(1)M2
Cisco IOS 15.0(1)M1
Cisco IOS 12.4XN
Cisco IOS 12.4(25c)
Cisco IOS 12.4(22)YB5
Cisco IOS 12.4(19)MR1
Cisco IOS 12.3(8)JK1
Cisco IOS 12.3(2)XA7
Cisco IOS 12.3(11)YK3
Cisco IOS 12.2SB
Cisco IOS 12.2(8)YJ1
Cisco IOS 12.2(4)YA8
Cisco IOS 12.2(15)MC2b
Cisco IOS 12.2(11)YV1
 
危害
远程攻击者可以利用漏洞使设备重载。
 
攻击所需条件
攻击者必须访问Cisco Unified CME。
 
漏洞信息
Cisco IOS是一款流行的Internet操作系统。
Cisco Unified CME是一款集成在Cisco IOS软件中增强型IP电话解决方案的呼叫处理组件。Cisco IOS软件包含的Cisco Unified CME和Cisco Unified SRST存在两个拒绝服务攻击,当处理特定的畸形SCCP消息时可导致设备重载。
不过只有注册过的电话IP地址才能发送此类畸形SCCP消息。如果自动注册功能启用(仅限Cisco Unified CME)的情况下,攻击者可以注册它的IP地址并之后发送畸形负载来利用这些漏洞。
自动注册功能默认是开启的。要成功利用漏洞需要针对SCCP端口完成完整的TCP三次握手,默认情况下SCCP端口为TCP 2000。
 
测试方法
临时解决方案
用户可执行如下命令禁用Cisco Unified CME的自动注册功能:
telephony-service
  no auto-reg-ephone
 
厂商解决方案
用户可参考如下供应商提供的安全公告获得补丁信息:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml
 
漏洞提供者
Cisco

发表评论?

0 条评论。

发表评论